<!DOCTYPE html>
<html>
    <?php
    /*
     * This is the site for the employees
     * Contains functions for employees
     */
    
    include_once "../DB/db.php";
    include_once '../class/UserClass.php';
    include_once '../Functions/empSiteFunctions.php';
    
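    // checks that the user is logged in and is an employee; everything down to the
    // closing brace just before the footer include is only produced when this holds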
    if ($user->isLoggedOn() && $user->isMedarbeider()) {
    
    // updates the item stock if update is set
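    // Adds the submitted amount to an item's stock when the update form is posted.
    // NOTE(review): no anti-CSRF token is checked for this state-changing request in
    // the code visible here; confirm whether one is enforced elsewhere.
    if (isset($_POST['update'])) {
        // Run the UPDATE only when both fields are present and well-formed: the amount
        // must parse as an integer (a negative amount is still accepted, as before) and
        // the item id must be a non-empty string. Array-valued fields are rejected.
        $stockDelta = isset($_POST['stock']) ? filter_var($_POST['stock'], FILTER_VALIDATE_INT) : false;
        $stockItemId = (isset($_POST['itemID']) && is_string($_POST['itemID'])) ? $_POST['itemID'] : '';

        $result = false; // stays false when the request is rejected or the statement fails
        if ($stockDelta !== false && $stockItemId !== '') {
            // Both values are bound as parameters, never concatenated into the SQL text.
            $sql = 'UPDATE item SET stock= stock + :stock WHERE vid=:vid';
            $sth = $db->prepare($sql);
            $sth->bindParam(':stock', $stockDelta); // number of items added to the stock
            $sth->bindParam(':vid', $stockItemId);  // the item that is updated
            $result = $sth->execute();
        }
    }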
    ?>
    <head>
        <title>Nettbutikk</title>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <link rel="stylesheet" type="text/css" href="../CSS/mainFrame.css" />
        <link rel="stylesheet" type="text/css" href="../CSS/content.css" />
    </head>
    <body>
        <div class="wrapper">
            <?php
            include_once "../MainFrame/header.php";
            include_once "../MainFrame/menuBar.php";
            include_once "../MainFrame/sideBar.php";
            ?>

            <div class="content">
                <div class="empcontent">
                        <h1>Medarbeider side</h1> 
                        <dl id="myEmpList">
                            <dt><h3>Bestillinger</h3></dt>
                            <dd><a href="myEmpSite.php?orders=orders" class="profileList">Behandle bestillinger</a></dd>                        
                            <dt><h3>Vare oppdateringer</h3></dt>
                            <dd><a href="myEmpSite.php?numberOf=numberOf" class="profileList">Oppdatere antall</a></dd>                        
                            <dt><h3>Retur</h3></dt>                        
                            <dd><a href="myEmpSite.php?returns=returns" class="profileList">Behandle retur</a></dd>                 
                        </dl> 
                        <div id="employeeSiteContent">
                            <?php
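                            // Dispatch on the requested employee view.
                            if (isset($_REQUEST['orders'])) {
                                // display the orders that have not been handled yet
                                getOrders($db);
                            } else if (isset($_REQUEST['numberOf'])) {
                                // display the stock update form
                                updateItemStack($db);
                            } else if (isset($_REQUEST['returns'])) {
                                // display the return search options
                                getReturns($db);
                            } else if (isset($_POST['sok'])) {
                                // A return search was submitted: look up returns by the first
                                // non-empty field among order id, return id and user id.
                                echo '<h1>Retur</h1>';

                                // Form field => column. The column name comes only from this fixed
                                // map; the submitted value is bound as a parameter instead of being
                                // concatenated into the SQL text, which closed an SQL injection hole.
                                $searchColumns = array(
                                    'orderID' => 'oid',
                                    'returID' => 'rid',
                                    'userID' => 'uid',
                                );
                                $res = null;           // executed statement, or null when nothing was queried
                                $hasCriterion = false; // true once a usable search field was found
                                foreach ($searchColumns as $field => $column) {
                                    // Array-valued or empty fields are not usable criteria.
                                    if (!isset($_POST[$field]) || !is_string($_POST[$field]) || $_POST[$field] === '') {
                                        continue;
                                    }
                                    $hasCriterion = true;
                                    $searchValue = $_POST[$field];
                                    $stmt = $db->prepare('SELECT * from returns WHERE ' . $column . ' = :id ORDER BY sendingdate DESC');
                                    if ($stmt !== false) {
                                        $stmt->bindParam(':id', $searchValue);
                                        if ($stmt->execute()) {
                                            $res = $stmt;
                                        }
                                    }
                                    break;
                                }

                                // No criterion was filled in. The page has normally started its output
                                // by now, so a Location header can only be sent if output is buffered;
                                // redirect when that is still possible, otherwise fall through to the
                                // "nothing found" message below. The original fell through to a fetch()
                                // on an undefined result here.
                                if (!$hasCriterion && !headers_sent()) {
                                    header("Location: /Views/myEmpSite.php?returns=returns");
                                    exit;
                                }

                                echo '<table id="getOrderTable">'; // table listing the returns
                                echo "<tr><th>Retur ID</th><th>Ordre id</th><th>Bruker id</th><th>Behandlet</th></tr>";
                                $check = 0; // number of returns found
                                while ($res !== null && ($row = $res->fetch())) {
                                    $check++;
                                    // Database values are escaped for the context they are written into
                                    // (URL parameter, HTML text) so stored data cannot inject markup.
                                    $oidHtml = htmlspecialchars((string) $row['oid'], ENT_QUOTES, 'UTF-8');
                                    $ridHtml = htmlspecialchars((string) $row['rid'], ENT_QUOTES, 'UTF-8');
                                    $uidHtml = htmlspecialchars((string) $row['uid'], ENT_QUOTES, 'UTF-8');
                                    echo '<tr>';
                                    echo '<td><a href="employeeViews/empEditReturn.php?orderID=' . urlencode((string) $row['oid']) . '">' . $ridHtml . '</a></td>';
                                    echo '<td>' . $oidHtml . '</td>';
                                    echo '<td>' . $uidHtml . '</td>';
                                    if ($row['edited'] == 1) { // the return has been handled (behandlet)
                                        echo '<td>Behandlet</td>';
                                    } else {
                                        echo '<td>Ikke behandlet</td>';
                                    }
                                    echo '</tr>';
                                }
                                echo '</table>';
                                if ($check == 0) { // the search found no returns
                                    echo '<div class="errorEdit">Fant ingen retur ved dette søket! <a href="myEmpSite.php?returns=returns" >Nytt søk</a></div>';
                                }
                            }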
                            ?>
                        </div> 
                    </div>
                </div>

                <?php
            }
            include_once "../MainFrame/footer.php";
            ?>        
        </div>
    </body>
</html>